[eluser]Unknown[/eluser]
Hi, i'm making a online store and i have little problem with login system. About 3% from all users can't login in to the website.
This is my code.
Code:
public function login()
{
if(isset($_POST['submit']))
{
$email = htmlspecialchars(mysql_real_escape_string($this->input->post("email")));
$pass = htmlspecialchars(mysql_real_escape_string($this->input->post("pass")));
$rand1 = htmlspecialchars(mysql_real_escape_string($this->input->post("rand1")));
$rand2 = htmlspecialchars(mysql_real_escape_string($this->input->post("rand2")));
$answer = htmlspecialchars(mysql_real_escape_string($this->input->post("answer")));
$salt = "^^^&&********%^&%^&%^&^&*(&()dfgfdgdfgdko5456dsffds6fsd5fs4d4fsd)";
$remember = htmlspecialchars(mysql_real_escape_string($this->input->post("remember")));
$date = date("Y-m-d h:i:s");
$password = md5(sha1(md5(sha1($pass.$salt.$pass)))); $date = date("Y-m-d h:i:s"); $url = base_url("panel");
$check_user = $this->db->query("SELECT * FROM user_info WHERE user_email='$email' AND user_pass='$password'");
if(($rand1 + $rand2) == $answer)
{
if($check_user->num_rows() == 1)
{
$auth_key = md5(sha1(md5(sha1($email.$date.$salt))));
if($remember == 1)
{
setcookie("auth", $auth_key, time()+3600*24*60, "/");
}
elseif($remember != 1)
{
if(!isset($_SESSION)){ session_start(); }
$_SESSION['auth'] = $auth_key;
}
$update_key = $this->db->query("UPDATE user_info SET user_auth='$auth_key',user_activity='$date' WHERE user_email='$email' AND user_pass='$password'");
header("Location: $url");
}
else
{
$this->message = $this->ajax_error("Въведените от вас данни са грешни !<br /><br ?> Моля опитайте пак !","1");
}
}else{ $this->message = $this->ajax_error("Въведеният от вас отговор на въпроса е грешен !<br /><br ?> Моля опитайте пак !","1"); }
}
}